Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/UlgqoKlx3VNziknKlDKQF3HdB6o.roa
File: UlgqoKlx3VNziknKlDKQF3HdB6o.roa (raw, json)
Hash identifier: QXZyIGcWF6gILwBZNBRhO0N65nHRFY5lhzzov0oc4c4=
Subject key identifier: 52:58:2A:A0:A9:71:DD:53:73:8A:49:CA:94:32:90:17:71:DD:07:AA
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 018750F7421853B6B5DDC9528559D99CBEB2
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/UlgqoKlx3VNziknKlDKQF3HdB6o.roa
Signing time: Wed 05 Apr 2023 10:29:54 +0000
ROA not before: Wed 05 Apr 2023 10:29:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42473
IP address blocks: 185.228.148.0/22 maxlen: 22
37.235.4.0/24 maxlen: 24
37.235.3.0/24 maxlen: 24
37.235.5.0/24 maxlen: 24
185.2.176.0/22 maxlen: 32
144.208.192.0/18 maxlen: 32
144.208.205.0/24 maxlen: 24
144.208.206.0/24 maxlen: 24
144.208.212.0/22 maxlen: 32
144.208.207.0/24 maxlen: 24
178.255.152.0/21 maxlen: 32
94.16.125.0/24 maxlen: 24
94.16.126.0/24 maxlen: 24
193.33.114.0/23 maxlen: 32
176.123.54.0/23 maxlen: 23
213.227.160.0/19 maxlen: 32
194.1.206.0/24 maxlen: 32
185.116.97.0/24 maxlen: 24
185.116.98.0/24 maxlen: 24
185.116.96.0/24 maxlen: 24
185.116.99.0/24 maxlen: 24
188.172.230.0/23 maxlen: 23
217.146.0.0/19 maxlen: 24
188.172.249.0/24 maxlen: 24
188.172.247.0/24 maxlen: 24
188.172.254.0/24 maxlen: 24
45.132.61.0/24 maxlen: 24
45.132.62.0/23 maxlen: 24
188.172.192.0/18 maxlen: 32
185.81.209.0/24 maxlen: 24
188.172.208.0/24 maxlen: 24
188.65.72.0/21 maxlen: 32
37.252.226.0/24 maxlen: 24
37.252.224.0/19 maxlen: 32
37.252.234.0/24 maxlen: 24
37.252.243.0/24 maxlen: 24
37.252.253.0/24 maxlen: 24
37.252.251.0/24 maxlen: 24
185.50.232.0/23 maxlen: 23
185.50.235.0/24 maxlen: 24
144.208.216.0/24 maxlen: 24
144.208.219.0/24 maxlen: 24
144.208.217.0/24 maxlen: 24
144.208.226.0/24 maxlen: 24
144.208.224.0/24 maxlen: 24
144.208.225.0/24 maxlen: 24
144.208.223.0/24 maxlen: 24
144.208.221.0/24 maxlen: 24
144.208.222.0/24 maxlen: 24
144.208.229.0/24 maxlen: 24
144.208.230.0/24 maxlen: 24
144.208.228.0/24 maxlen: 24
144.208.244.0/24 maxlen: 24
2a00:11c0:66::/48 maxlen: 48
2a00:11c0:dc::/48 maxlen: 48
2a00:11c0::/32 maxlen: 128
2a01:aea0:dd1::/48 maxlen: 48
2a00:11c0:19::/48 maxlen: 48
2a00:11c0:42::/48 maxlen: 48
2a00:11c0:dd::/48 maxlen: 48
2a00:11c0:96::/48 maxlen: 48
2a00:11c0:9a::/48 maxlen: 48
2a00:11c0:24::/48 maxlen: 48
2a01:aea0::/40 maxlen: 40
2a01:aea0::/32 maxlen: 32
2a00:11c0:43::/48 maxlen: 48
2a00:11c0:83::/48 maxlen: 48
2a00:11c0:86::/48 maxlen: 48
2a00:11c0:97::/48 maxlen: 48
2a00:11c0:4a::/48 maxlen: 48
2a00:11c0:de::/48 maxlen: 48
2a01:aea0:df1::/48 maxlen: 48
2a00:11c0:79::/48 maxlen: 48
2a00:11c0:98::/48 maxlen: 48
2a00:11c0:29::/48 maxlen: 48
2a00:11c0:84::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 25 May 2023 09:53:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:50:f7:42:18:53:b6:b5:dd:c9:52:85:59:d9:9c:be:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Apr 5 10:29:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52582aa0a971dd53738a49ca9432901771dd07aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e0:db:16:22:e5:57:06:76:39:0e:00:41:86:
24:be:dd:e6:ce:c5:e3:0e:7a:7d:57:ac:55:4d:d3:
16:d6:d1:5c:b7:9d:4a:d0:04:ae:eb:df:0a:5a:65:
aa:f1:96:e3:30:63:06:2d:5d:cf:fe:ad:4e:81:55:
98:c0:35:45:62:42:08:c7:35:47:c5:d6:20:e4:c4:
60:69:46:b4:fd:f0:ab:2c:c3:c7:61:b5:b9:c2:e0:
61:e2:d2:81:26:4a:0f:52:a9:5d:90:31:e3:91:f8:
d1:69:8c:cd:c4:3c:47:9a:fa:46:13:3d:cc:4e:f7:
3c:96:f3:94:b4:a1:a9:e3:25:02:a5:ff:ec:99:6e:
9e:ae:c1:ba:22:50:8f:08:f0:f0:2c:53:d5:d6:80:
13:11:b5:3b:07:3e:7f:89:43:cb:e9:e3:77:6e:32:
c6:86:74:0c:98:68:63:6f:c9:42:d3:49:65:b2:6d:
69:0a:f5:59:d9:c2:3c:9c:17:32:1d:3c:30:f9:1d:
c2:4d:d3:f0:ac:3e:3b:a4:1e:a9:e6:eb:7c:a6:c1:
81:64:4f:c0:08:ba:9b:13:91:cf:b0:55:6e:54:2d:
bd:de:33:df:a5:6a:d3:86:31:85:b2:89:79:9e:2f:
26:4d:30:68:13:d4:6d:0d:39:cb:b4:1b:6b:cc:ab:
b2:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:58:2A:A0:A9:71:DD:53:73:8A:49:CA:94:32:90:17:71:DD:07:AA
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/UlgqoKlx3VNziknKlDKQF3HdB6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.3.0-37.235.5.255
37.252.224.0/19
45.132.61.0-45.132.63.255
94.16.125.0-94.16.126.255
144.208.192.0/18
176.123.54.0/23
178.255.152.0/21
185.2.176.0/22
185.50.232.0/23
185.50.235.0/24
185.81.209.0/24
185.116.96.0/22
185.228.148.0/22
188.65.72.0/21
188.172.192.0/18
193.33.114.0/23
194.1.206.0/24
213.227.160.0/19
217.146.0.0/19
IPv6:
2a00:11c0::/32
2a01:aea0::/32
Signature Algorithm: sha256WithRSAEncryption
66:25:a4:e8:50:53:c8:70:21:e8:51:78:5c:e3:c7:c3:fb:66:
ba:a7:b2:37:0c:7b:f4:3a:23:4e:7b:dc:23:99:87:24:9c:51:
6e:d7:2f:b7:3e:23:19:bc:d0:6d:21:20:a1:65:d3:ee:77:c8:
f4:c5:c7:6b:98:22:d9:c1:c5:ab:b7:b7:49:c9:2e:5e:88:c7:
68:14:3e:4c:2b:a9:dc:60:40:79:1a:d7:97:48:a8:49:90:db:
cb:a0:fe:49:7e:e1:1e:77:87:43:35:fc:0e:ba:91:e7:c5:ed:
8b:e2:a9:c6:25:c6:93:ec:42:ce:8c:7a:46:c4:00:63:cc:15:
6e:4c:2e:15:a9:76:8b:2b:15:14:49:7e:78:c3:c0:ba:66:d7:
7b:6f:92:2b:ee:e1:fc:28:18:e4:c8:04:e4:c0:1f:2a:b6:77:
e4:87:20:31:08:3e:15:0c:a4:a7:e6:1b:40:60:34:16:05:3a:
11:17:33:88:ea:37:39:51:00:63:a7:d7:9d:bf:c2:2f:3a:21:
cf:a5:7f:40:84:85:06:ed:82:da:93:3c:8c:84:53:17:85:12:
33:5f:ac:91:91:53:1b:00:6b:0c:d0:72:05:7b:89:70:e0:30:
6b:26:13:a0:56:8d:d8:b4:23:b6:b5:ee:9e:2a:9c:53:18:80:
eb:b7:20:9b
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAYdQ90IYU7a13clShVnZnL6yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjMwNDA1MTAyOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjU4MmFhMGE5NzFkZDUzNzM4YTQ5Y2E5NDMyOTAxNzcxZGQwN2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+DbFiLlVwZ2OQ4AQYYkvt3mzsXj
Dnp9V6xVTdMW1tFct51K0ASu698KWmWq8ZbjMGMGLV3P/q1OgVWYwDVFYkIIxzVH
xdYg5MRgaUa0/fCrLMPHYbW5wuBh4tKBJkoPUqldkDHjkfjRaYzNxDxHmvpGEz3M
Tvc8lvOUtKGp4yUCpf/smW6ersG6IlCPCPDwLFPV1oATEbU7Bz5/iUPL6eN3bjLG
hnQMmGhjb8lC00llsm1pCvVZ2cI8nBcyHTww+R3CTdPwrD47pB6p5ut8psGBZE/A
CLqbE5HPsFVuVC293jPfpWrThjGFsol5ni8mTTBoE9RtDTnLtBtrzKuynQIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFFJYKqCpcd1Tc4pJypQykBdx3QeqMB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvVWxncW9LbHgzVk56aWtuS2xES1FGM0hkQjZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBkQQCAAEwgYowDAME
ACXrAwMEASXrBAMEBSX84DAMAwQALYQ9AwQGLYQAMAwDBABeEH0DBABeEH4DBAaQ
0MADBAGwezYDBAOy/5gDBAK5ArADBAG5MugDBAC5MusDBAC5UdEDBAK5dGADBAK5
5JQDBAO8QUgDBAa8rMADBAHBIXIDBADCAc4DBAXV46ADBAXZkgAwFAQCAAIwDgMF
ACoAEcADBQAqAa6gMA0GCSqGSIb3DQEBCwUAA4IBAQBmJaToUFPIcCHoUXhc48fD
+2a6p7I3DHv0OiNOe9wjmYcknFFu1y+3PiMZvNBtISChZdPud8j0xcdrmCLZwcWr
t7dJyS5eiMdoFD5MK6ncYEB5GteXSKhJkNvLoP5JfuEed4dDNfwOupHnxe2L4qnG
JcaT7ELOjHpGxABjzBVuTC4VqXaLKxUUSX54w8C6Ztd7b5Ir7uH8KBjkyATkwB8q
tnfkhyAxCD4VDKSn5htAYDQWBToRFzOI6jc5UQBjp9edv8IvOiHPpX9AhIUG7YLa
kzyMhFMXhRIzX6yRkVMbAGsM0HIFe4lw4DBrJhOgVo3YtCO2te6eKpxTGIDrtyCb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:50 2024 by rpki-client on console-ams.rpki-client.org